Windows Zero Day Exploit Outed On Twitter

I’m going to go out on a limb and suggest that the folks in Redmond Washington are going to have a very bad day as a zero day exploit, meaning that it has no known fix has been unleashed upon the planet via Twitter.

In short, this exploit is of the privilege escalation variety. Meaning that some miscreant can escalate their user level on an exploited computer to do whatever they want. That’s bad. And you’ll note that in the Tweet above there’s proof of concept code already out there. That means that the bad guys are likely already working on ways to exploit the exploit. Which by the way the exploit in question was confirmed on Twitter by CERT/CC vulnerability analyst Will Dormann:

And CERT/CC has just posted it’s own analysis as well which highlights the fact that there are no known fixes or mitigations. Which is of course very bad. Hopefully Microsoft is on the case and seeing as this is a zero day exploit, won’t wait until Patch Tuesday to come out with a fix for this. Until then, they’ll be under a fair amount of pressure to address this quickly now that this is out there.

 

Advertisements

One Response to “Windows Zero Day Exploit Outed On Twitter”

  1. […] readers will recall that a pretty bad vulnerability in Windows was disclosed on Twitter last week that had the potential to be really bad if the bad guys stated to exploit that if Microsoft […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: